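--- a/docker/deploy/default.conf
+++ b/docker/deploy/default.conf
@@ -0,0 +1,40 @@
+server {
+listen 80;
+server_name 15.164.219.98.nip.io;
+
+location ^~ /.well-known/acme-challenge/ {
+default_type "text/plain";
+root /var/www/certbot;
+allow all;
+}
+
+# HTTP를 HTTPS로 리다이렉트
+location / {
+return 301 https://$host$request_uri;
+}
+}
+
+server {
+listen 443 ssl;
+server_name 15.164.219.98.nip.io;
+
+# SSL 인증서 설정
+ssl_certificate /etc/letsencrypt/live/15.164.219.98.nip.io/fullchain.pem;
+ssl_certificate_key /etc/letsencrypt/live/15.164.219.98.nip.io/privkey.pem;
+
+# SSL 설정 최적화
+ssl_protocols TLSv1.2 TLSv1.3;
+ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
+ssl_prefer_server_ciphers off;
+
+# HSTS 설정 (선택사항)
+add_header Strict-Transport-Security "max-age=31536000" always;
+
+location / {
+proxy_pass http://172.31.42.108:8080;
+proxy_set_header Host $host;
+proxy_set_header X-Real-IP $remote_addr;
+proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+proxy_set_header X-Forwarded-Proto $scheme;
+}
+}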
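Review bot: Both `return 301 https://$host$request_uri;` in the port-80 block and `proxy_set_header Host $host;` in the 443 `location /` pass along whatever Host the client sent, and as far as this file shows these are the only server blocks, so nginx will treat them as the default for any name that reaches the address. If the backend builds links or redirects from Host, pin the name instead: `return 301 https://$server_name$request_uri;` and `proxy_set_header Host $server_name;`, or add a catch-all `default_server` block that rejects unknown hosts. Separately, the two `DHE-RSA-*` entries in `ssl_ciphers` are not offered by nginx unless an `ssl_dhparam` file is configured, so either add that directive or drop those suites. A one-line comment above `proxy_pass http://172.31.42.108:8080;` stating that the upstream hop is plain HTTP to a fixed private address would also help the next operator.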
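--- a/docker/deploy/nginx-compose.yml
+++ b/docker/deploy/nginx-compose.yml
@@ -0,0 +1,24 @@
+services:
+nginx:
+image: nginx:latest
+ports:
+- "80:80"
+- "443:443"
+volumes:
+- ./conf.d:/etc/nginx/conf.d
+- ./certbot/conf:/etc/letsencrypt
+- ./certbot/www:/var/www/certbot
+command: "/bin/sh -c 'while :; do sleep 6h & wait $${!}; nginx -s reload; done & nginx -g \"daemon off;\"'"
+networks:
+- app-network
+certbot:
+image: certbot/certbot
+volumes:
+- ./certbot/conf:/etc/letsencrypt
+- ./certbot/www:/var/www/certbot
+entrypoint: "/bin/sh -c 'trap exit TERM; while :; do certbot renew; sleep 12h & wait $${!}; done;'"
+networks:
+- app-network
+networks:
+app-network:
+driver: bridge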
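Review bot: The nginx service mounts `./certbot/conf:/etc/letsencrypt` read-write, which gives the internet-facing container write access to the private keys and ACME account data that only the certbot service needs to modify. nginx only reads these paths, so its three volumes can be `- ./conf.d:/etc/nginx/conf.d:ro`, `- ./certbot/conf:/etc/letsencrypt:ro` and `- ./certbot/www:/var/www/certbot:ro`. `image: nginx:latest` and the untagged `image: certbot/certbot` also float, so a redeploy can pull a different build than the one that was tested; pin both to a version tag or digest, for example `image: nginx:<pinned-version>`.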